- EPSS 0.57%
- Published 25.05.2015 14:59:06
- Last modified 12.04.2025 10:46:40
Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of servi...
- EPSS 0.57%
- Published 25.05.2015 14:59:05
- Last modified 12.04.2025 10:46:40
Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of servi...
CVE-2014-4778
- EPSS 0.22%
- Published 25.05.2015 14:59:02
- Last modified 12.04.2025 10:46:40
IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote attackers to conduct clickjacking atta...
CVE-2014-4774
- EPSS 0.1%
- Published 25.05.2015 14:59:00
- Last modified 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 allows remote attackers to hijack the authentication of arbitrary users via ...
CVE-2015-1915
- EPSS 0.28%
- Published 25.05.2015 00:59:10
- Last modified 12.04.2025 10:46:40
The Endpoint Manager for Remote Control component in IBM Tivoli Endpoint Manager for Lifecycle Management 9.0.1 before IF6 and 9.1.0 before IF6 does not set the secure flag for the session cookie in an https session, which makes it easier for remote ...